oauth.airmiles.ca Open in urlscan Pro
2606:4700:4400::6812:2675 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.prod1.programnews.airmiles.ca/r/?id=ha6f2c463,7e229fa,5bf9c0
Effective URL:
https://oauth.airmiles.ca/login?state=hKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1G...
Submission: On December 08 via api (December 8th 2022, 2:17:43 pm UTC) from CZ — Scanned from CA

Summary HTTP 43 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 43 HTTP transactions. The main IP is 2606:4700:4400::6812:2675, located in United States and belongs to CLOUDFLARENET, US. The main domain is oauth.airmiles.ca.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 26th 2022. Valid for: a year.

This is the only time oauth.airmiles.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.183.60.36 35.183.60.36	16509 (AMAZON-02) (AMAZON-02)
1 3	96.16.195.224 96.16.195.224	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700:440... 2606:4700:4400::6812:2675	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:c00... 2a04:4e42:c00::282	54113 (FASTLY) (FASTLY)
2	52.217.85.214 52.217.85.214	16509 (AMAZON-02) (AMAZON-02)
2	2600:1402:980... 2600:1402:9800:48a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2008	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
2 2	159.175.66.11 159.175.66.11	26567 (AS-LMGC-T...) (AS-LMGC-TOR-01)
4	54.231.136.217 54.231.136.217	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:80c::200e	15169 (GOOGLE) (GOOGLE)
4	44.239.225.159 44.239.225.159	16509 (AMAZON-02) (AMAZON-02)
1	54.162.44.193 54.162.44.193	14618 (AMAZON-AES) (AMAZON-AES)
8	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::9d	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
2	54.186.254.183 54.186.254.183	16509 (AMAZON-02) (AMAZON-02)
1 1	3.220.196.113 3.220.196.113	14618 (AMAZON-AES) (AMAZON-AES)
2 2	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
43	16

1 35.183.60.36 (Montreal, Canada) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-183-60-36.ca-central-1.compute.amazonaws.com

t.prod1.programnews.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 96.16.195.224 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-195-224.deploy.static.akamaitechnologies.com

www.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2675 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

oauth.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:c00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.85.214 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1402:9800:48a::1e80 (Atlanta, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80e::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.175.66.11 (Toronto, Canada) 2 redirects

ASN26567 (AS-LMGC-TOR-01, CA)
PTR: origin-www.airmiles.ca

airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.231.136.217 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

airmiles-fonts.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.239.225.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-225-159.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.162.44.193 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-44-193.compute-1.amazonaws.com

starget.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:817::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.186.254.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-254-183.us-west-2.compute.amazonaws.com

loyaltyone.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.220.196.113 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-196-113.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	airmiles.ca 5 redirects t.prod1.programnews.airmiles.ca www.airmiles.ca — Cisco Umbrella Rank: 363572 oauth.airmiles.ca airmiles.ca — Cisco Umbrella Rank: 271161 starget.airmiles.ca — Cisco Umbrella Rank: 972697	325 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	559 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 354	48 KB
6	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 198 loyaltyone.demdex.net	9 KB
6	amazonaws.com s3.amazonaws.com airmiles-fonts.s3.amazonaws.com	1 MB
4	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 74 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 26	21 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 8290	564 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	126 KB
2	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 458	103 KB
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 829	828 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 949	517 B
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1385	417 B
43	13

	Domain	Requested by
6	www.gstatic.com	www.google.com www.gstatic.com
6	www.google.com	s3.amazonaws.com oauth.airmiles.ca www.google.com www.gstatic.com
4	dpm.demdex.net	assets.adobedtm.com oauth.airmiles.ca
4	airmiles-fonts.s3.amazonaws.com	oauth.airmiles.ca
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com oauth.airmiles.ca
3	www.airmiles.ca	1 redirects oauth.airmiles.ca
2	cm.g.doubleclick.net	2 redirects
2	fonts.gstatic.com	www.google.com
2	loyaltyone.demdex.net	assets.adobedtm.com
2	www.google.ca	oauth.airmiles.ca
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	airmiles.ca	2 redirects
2	www.googletagmanager.com	s3.amazonaws.com www.googletagmanager.com
2	assets.adobedtm.com	oauth.airmiles.ca assets.adobedtm.com
2	s3.amazonaws.com	oauth.airmiles.ca
2	oauth.airmiles.ca	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	cm.everesttech.net	1 redirects
1	analytics.google.com	www.googletagmanager.com
1	starget.airmiles.ca	assets.adobedtm.com
1	polyfill.io	oauth.airmiles.ca
1	t.prod1.programnews.airmiles.ca	1 redirects
43	22

This site contains links to these domains. Also see Links.

Domain
policies.google.com
airmiles.ca
www.airmiles.ca
www.loyalty.com

Subject Issuer	Validity	Valid
oauth.airmiles.ca Cloudflare Inc ECC CA-3	`2022-07-26` - `2023-07-25`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
starget.airmiles.ca DigiCert TLS RSA SHA256 2020 CA1	`2022-11-10` - `2023-11-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://oauth.airmiles.ca/login?state=hKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1GZWcwdXBfTmNSRlB2UnFRcmx4WjKjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Frame ID: 71CC8952AB4CCFC2B6473538DDBD6CAF
Requests: 29 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u&co=aHR0cHM6Ly9vYXV0aC5haXJtaWxlcy5jYTo0NDM.&hl=en&type=image&v=Km9gKuG06He-isPsP6saG8cn&theme=light&size=invisible&badge=bottomright&cb=fpoipr9q7sm4
Frame ID: 08638BE4662B79727B331898A9672298
Requests: 7 HTTP requests in this frame

Frame: https://loyaltyone.demdex.net/dest5.html?d_nsid=0
Frame ID: 9551FA4D9B3EDE71A82A23D0D47FDB2E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Km9gKuG06He-isPsP6saG8cn&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u
Frame ID: D8CCFCDF86E3CAF6338AD30971D1ADAE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AIRMILES | Sign in

Page URL History Show full URLs

https://t.prod1.programnews.airmiles.ca/r/?id=ha6f2c463,7e229fa,5bf9c0 HTTP 302
https://www.airmiles.ca/en/profile/convert.html?utm_campaign=63357_auth0_admin_20221207_20221213&utm... HTTP 302
https://oauth.airmiles.ca/authorize?scope=memberbanner&client_id=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&resp... HTTP 302
https://oauth.airmiles.ca/login?state=hKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3Rp... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

43
Requests

88 %
HTTPS

48 %
IPv6

13
Domains

22
Subdomains

16
IPs

2
Countries

2591 kB
Transfer

3883 kB
Size

26
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy?hl=en
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=en
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://airmiles.ca/en/join.html
Title: Join now

Search URL Search Domain Scan URL

URL: https://www.airmiles.ca/arrow/login/FindMyCollectorNumber?changeLocale=en
Title: Recover my collector number

Search URL Search Domain Scan URL

URL: https://airmiles.ca/en/profile/forgot-user-id/user-id-recover.html
Title: Recover my email

Search URL Search Domain Scan URL

URL: https://airmiles.ca/fr/login
Title: Français

Search URL Search Domain Scan URL

URL: https://www.airmiles.ca/en/get-help.html
Title: Help

Search URL Search Domain Scan URL

URL: https://www.loyalty.com/
Title: LoyaltyOne, Co

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.prod1.programnews.airmiles.ca/r/?id=ha6f2c463,7e229fa,5bf9c0 HTTP 302
https://www.airmiles.ca/en/profile/convert.html?utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert HTTP 302
https://oauth.airmiles.ca/authorize?scope=memberbanner&client_id=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&response_type=code&audience=airmiles-web-collector&redirect_uri=https://services.api.airmiles.ca/services/airmiles/sling/no-cache/authenticate&state=member&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert HTTP 302
https://oauth.airmiles.ca/login?state=hKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1GZWcwdXBfTmNSRlB2UnFRcmx4WjKjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png HTTP 302
https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png

Request Chain 7

https://airmiles.ca/content/dam/airmiles/ca/en/homepage/AM_EN_2021_Card_Angle_200pc_updated.png HTTP 302
https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AM_EN_2021_Card_Angle_200pc_updated.png

Request Chain 29

https://cm.everesttech.net/cm/dd?d_uuid=40576214515534447081155053682146480996 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5HyAwAAAKckCgNP

Request Chain 37

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDA1NzYyMTQ1MTU1MzQ0NDcwODExNTUwNTM2ODIxNDY0ODA5OTY= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDA1NzYyMTQ1MTU1MzQ0NDcwODExNTUwNTM2ODIxNDY0ODA5OTY=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEpb6gzbWDcFWCtyg5GL3qY&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 40

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=40576214515534447081155053682146480996&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-lOTr.KRE2pH7COvtM4oFIqJ2WFECdrS0peE-~A

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
oauth.airmiles.ca/
Redirect Chain

https://t.prod1.programnews.airmiles.ca/r/?id=ha6f2c463,7e229fa,5bf9c0
https://www.airmiles.ca/en/profile/convert.html?utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
https://oauth.airmiles.ca/authorize?scope=memberbanner&client_id=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&response_type=code&audience=airmiles-web-collector&redirect_uri=https://services.api.airmiles.ca/se...
https://oauth.airmiles.ca/login?state=hKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1GZWcwdXBfTmNSRlB2UnFRcmx4WjKjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE...

3 KB
4 KB

152ms
151ms

Document
text/html

2606:4700:4400::6812:2675
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oauth.airmiles.ca/login?state=hKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1GZWcwdXBfTmNSRlB2UnFRcmx4WjKjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2675 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9f6890fef0f7c4983c43608224a3afee265e2af6530ffc772667288520ef87c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7766202cca64ece6-YUL
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Thu, 08 Dec 2022 14:17:38 GMT
etag: W/"deb-qh5j/ngXFAW/rt8uo9ElxybPCO8"
ot-baggage-auth0-request-id: 7766202cca64ece6
ot-tracer-sampled: true
ot-tracer-spanid: 4e75efbf5e9f4406
ot-tracer-traceid: 7d14597b1393c561
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
traceparent: 00-00000000000000007d14597b1393c561-4e75efbf5e9f4406-01
tracestate: auth0-request-id=7766202cca64ece6,auth0=true
vary: Accept-Encoding
x-auth0-requestid: f798efefdf4bf11dc58b
x-content-type-options: nosniff
x-frame-options: deny
x-ratelimit-limit: 500
x-ratelimit-remaining: 499
x-ratelimit-reset: 1670509059
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7766202b48c6ece6-YUL
content-length: 1260
content-type: text/html; charset=utf-8
date: Thu, 08 Dec 2022 14:17:38 GMT
location: /login?state=hKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1GZWcwdXBfTmNSRlB2UnFRcmx4WjKjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
ot-baggage-auth0-request-id: 7766202b48c6ece6
ot-tracer-sampled: true
ot-tracer-spanid: 4b03c7e32360630e
ot-tracer-traceid: 55ed425510d3a72f
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
traceparent: 00-000000000000000055ed425510d3a72f-4b03c7e32360630e-01
tracestate: auth0-request-id=7766202b48c6ece6,auth0=true
vary: Accept, Accept-Encoding
x-auth0-requestid: bd95ef93f86132551a37
x-content-type-options: nosniff
x-ratelimit-limit: 500
x-ratelimit-remaining: 498
x-ratelimit-reset: 1670509059

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
417 B 65ms
27ms Script
text/javascript 2a04:4e42:c00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?features=es2015
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1GZWcwdXBfTmNSRlB2UnFRcmx4WjKjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:c00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 14:17:38 GMT
content-encoding: br
last-modified: Wed, 30 Nov 2022 17:02:06 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/108.0.0
server-timing: cache-yul12828, PASS, fastly;desc="Edge time";dur=10
accept-ranges: bytes
content-length: 94

GET
H/1.1 200
OK gtmDataLayer.js Show response
s3.amazonaws.com/prod-amrpext-auth0-login/ 355 B
762 B 162ms
109ms Script
application/javascript 52.217.85.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/prod-amrpext-auth0-login/gtmDataLayer.js
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1GZWcwdXBfTmNSRlB2UnFRcmx4WjKjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.85.214 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1a0e46b8cdee9e8af9b0cd555d33c82b3b920509ecf48a0c49b8b45074e266a3

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 14:17:39 GMT
Last-Modified: Wed, 22 Jun 2022 12:35:47 GMT
Server: AmazonS3
x-amz-request-id: Y7AS9E6J0J95KZGN
ETag: "26b4c91e6ed7cb7bd0e6de46903ebc04"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 355
x-amz-id-2: YFmHmgDCOiTBlnKDCE2WF6yoPghPqa4X3m8JG8tifIn6fSWxvdERdgdrpMdF3dlz2e0jLgJTl8k=

GET
H2 200 launch-29c1aee2883d.min.js Show response
assets.adobedtm.com/cf65343579a7/3196a1cd60be/ 329 KB
102 KB 181ms
39ms Script
application/x-javascript 2600:1402:9800:48a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1GZWcwdXBfTmNSRlB2UnFRcmx4WjKjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1402:9800:48a::1e80 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 57709066bf6d023273173027dbddfdf2616578f524c9360f3fbb6e87740fab47

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 14:17:38 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 14:41:05 GMT
server: AkamaiNetStorage
etag: "96b278a64915ff92bf38e9e96c0ea8fe:1669646465.433522"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 103861
expires: Thu, 08 Dec 2022 15:17:38 GMT

GET
H/1.1 200
OK auth0p.1.0.140.js Show response
s3.amazonaws.com/prod-amrpext-auth0-login/ 1 MB
1 MB 116ms
63ms Script
application/javascript 52.217.85.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/prod-amrpext-auth0-login/auth0p.1.0.140.js
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1GZWcwdXBfTmNSRlB2UnFRcmx4WjKjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.85.214 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 78952943632e3c1c3b3313ba757aa35b716e9fca299604f1a8db3b8a83319ca6

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 14:17:39 GMT
Last-Modified: Thu, 17 Nov 2022 15:08:59 GMT
Server: AmazonS3
x-amz-request-id: Y7AM7J355CJG3DHC
ETag: "0b1f1ef66f9d5d2c74c3a3786093aece"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1310458
x-amz-id-2: BRnUqfXbv3fGshyYLBGD6/S1nlmUUxmLVNrgG1R/H9lYA261XSldedNVXRIdN2DznR1nQzbhyh8=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 140 KB
52 KB 82ms
33ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-589MTWS

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/prod-amrpext-auth0-login/gtmDataLayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42eec8ae8364f4aff658882bc68f24cfd9d7844c335486cb6e8f99d0e841c2e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 14:17:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52389
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Dec 2022 14:17:38 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
991 B 93ms
39ms Script
text/javascript 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/prod-amrpext-auth0-login/auth0p.1.0.140.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5b5a7b9614bd1499c89bf55bb6d2f13b22bb71522b357995a4df9459f8092038

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 14:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 578
x-xss-protection: 1; mode=block
expires: Thu, 08 Dec 2022 14:17:38 GMT

GET
H2

200

AIRMILES_NOTAG.png
www.airmiles.ca/content/dam/airmiles/ca/en/homepage/
Redirect Chain

https://airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png
https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png

13 KB
13 KB

41ms
41ms

Image
image/png

96.16.195.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png

Requested by

Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1GZWcwdXBfTmNSRlB2UnFRcmx4WjKjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert

Protocol

Server

96.16.195.224 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-195-224.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

bd3e0886413ad534cc1d803be54d6911870005163bc22377dbbe49a0811676a8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .airmiles.ca .cxtrvl.com .adobe.com .adobemc.com
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM=*.airmiles.ca
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=63072000; includeSubdomains;
content-security-policy: frame-ancestors *.airmiles.ca *.cxtrvl.com *.adobe.com *.adobemc.com
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 14:17:38 GMT
x-vhost: publish_air
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 13215
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 05 Oct 2021 20:45:30 GMT
server: Apache
etag: "339f-5cda11c31ae80"
x-frame-options: ALLOW-FROM=*.airmiles.ca
content-type: image/png
feature-policy: geolocation 'none'; camera 'none'; microphone 'none'
accept-ranges: bytes

Redirect headers

Location: https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AIRMILES_NOTAG.png
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H2

200

AM_EN_2021_Card_Angle_200pc_updated.png
www.airmiles.ca/content/dam/airmiles/ca/en/homepage/
Redirect Chain

https://airmiles.ca/content/dam/airmiles/ca/en/homepage/AM_EN_2021_Card_Angle_200pc_updated.png
https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AM_EN_2021_Card_Angle_200pc_updated.png

302 KB
303 KB

23ms
22ms

Image
image/png

96.16.195.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AM_EN_2021_Card_Angle_200pc_updated.png

Requested by

Protocol

Server

96.16.195.224 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-195-224.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d660b71230c11560d6cc62c46f2a8568b6a2e5d6e605fb9fbd2a36854bc24048

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .airmiles.ca .cxtrvl.com .adobe.com .adobemc.com
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM=*.airmiles.ca
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-dispatcher: dispatcher2useast1
strict-transport-security: max-age=63072000; includeSubdomains;
content-security-policy: frame-ancestors *.airmiles.ca *.cxtrvl.com *.adobe.com *.adobemc.com
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 14:17:38 GMT
x-vhost: publish_air
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 309254
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 30 Sep 2021 03:11:02 GMT
server: Apache
etag: "4b806-5cd2dcbebbd80"
x-frame-options: ALLOW-FROM=*.airmiles.ca
content-type: image/png
feature-policy: geolocation 'none'; camera 'none'; microphone 'none'
accept-ranges: bytes

Redirect headers

Location: https://www.airmiles.ca/content/dam/airmiles/ca/en/homepage/AM_EN_2021_Card_Angle_200pc_updated.png
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1 200
OK archivo-regular.woff2
airmiles-fonts.s3.amazonaws.com/ 12 KB
13 KB 112ms
43ms Font
binary/octet-stream 54.231.136.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://airmiles-fonts.s3.amazonaws.com/archivo-regular.woff2
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1GZWcwdXBfTmNSRlB2UnFRcmx4WjKjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.136.217 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9b0f297e5bd1358af71c54f54f76e4b87767b91ec2d94d01265c45ebbb68242a

Request headers

Referer: https://oauth.airmiles.ca/
Origin: https://oauth.airmiles.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 14:17:39 GMT
Last-Modified: Thu, 12 Aug 2021 15:03:23 GMT
Server: AmazonS3
x-amz-request-id: Y7AH10C9SMRGYV0F
ETag: "2c86cd470c4a37013e3bd26918617dbc"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 12516
x-amz-id-2: AcwyzJaLlx/ENF7BcDlo3gWxHFxgIVpwAZ8KE54t1roCt3910MNnhjyGwTwBjpFZ2GFcMODaNXU=

GET
H/1.1 200
OK montserrat-bold.woff2
airmiles-fonts.s3.amazonaws.com/ 20 KB
20 KB 109ms
44ms Font
binary/octet-stream 54.231.136.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://airmiles-fonts.s3.amazonaws.com/montserrat-bold.woff2
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1GZWcwdXBfTmNSRlB2UnFRcmx4WjKjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.136.217 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Request headers

Referer: https://oauth.airmiles.ca/
Origin: https://oauth.airmiles.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 14:17:39 GMT
Last-Modified: Thu, 12 Aug 2021 15:03:16 GMT
Server: AmazonS3
x-amz-request-id: Y7AQ66J73CVP2RJQ
ETag: "7bad4a6005ffca3966b2a099250e0638"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 20040
x-amz-id-2: kVLFzkWXr+ZT1nBgzwMPcUFXQIwxSNjFmYGXQERCyFDh61U5OGMYRM5n9SMst72dwyGvzGisO6o=

GET
H/1.1 200
OK AM-icon.ttf
airmiles-fonts.s3.amazonaws.com/ 77 KB
77 KB 109ms
45ms Font
binary/octet-stream 54.231.136.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://airmiles-fonts.s3.amazonaws.com/AM-icon.ttf
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1GZWcwdXBfTmNSRlB2UnFRcmx4WjKjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.136.217 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bbc31236efcb01ab9ce0c1f3be3ed041cdc2b87b07df8bb0b2401cd053b2b7c3

Request headers

Referer: https://oauth.airmiles.ca/
Origin: https://oauth.airmiles.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 14:17:39 GMT
Last-Modified: Tue, 24 May 2022 15:22:57 GMT
Server: AmazonS3
x-amz-request-id: Y7ANEBNV5JD67F8H
ETag: "2b0a39d5a49aad51c97ca6e71f3f4d58"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 78788
x-amz-id-2: Q5YmZYOFqpEjBWkkwoQ0+LuGc3cpmYZ05jY7MPqimCsvAsUcdBZHTM3xFznkRAsmWR+ympFA7sw=

GET
H/1.1 200
OK archivo-semibold.woff2
airmiles-fonts.s3.amazonaws.com/ 11 KB
12 KB 110ms
46ms Font
binary/octet-stream 54.231.136.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://airmiles-fonts.s3.amazonaws.com/archivo-semibold.woff2
Requested by: Host: oauth.airmiles.ca
URL: https://oauth.airmiles.ca/login?state=hKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1GZWcwdXBfTmNSRlB2UnFRcmx4WjKjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA&client=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&protocol=oauth2&scope=memberbanner&response_type=code&audience=airmiles-web-collector&redirect_uri=https%3A%2F%2Fservices.api.airmiles.ca%2Fservices%2Fairmiles%2Fsling%2Fno-cache%2Fauthenticate&connection=member-pin-idp-recaptcha&utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.136.217 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b653d07011d41db1bab22cada6f9b4eb8f2092f759104584239d67ef6987b80a

Request headers

Referer: https://oauth.airmiles.ca/
Origin: https://oauth.airmiles.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Thu, 08 Dec 2022 14:17:39 GMT
Last-Modified: Thu, 12 Aug 2021 15:03:20 GMT
Server: AmazonS3
x-amz-request-id: Y7AJVH4KH0HKBM1C
ETag: "f023c1e223eb8e25de33525b21c48999"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 11724
x-amz-id-2: PAWA5dreNKPVCFvzH2qXVbTOlctPpWcYdpBbpt3lokse4QwT823GDvd6NP8wp94h6yeZvsiVT+Q=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
19ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-589MTWS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 13:46:25 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1873
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 08 Dec 2022 15:46:25 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 79ms
37ms Script
application/javascript 2607:f8b0:4006:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CWLBQJLYC4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-589MTWS

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

582cfd61576090c2d8d1946b5a2ed369bd2a4aad1ecf8412d0ce8ae99eb87f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 14:17:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76286
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 08 Dec 2022 14:17:38 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 790 B
1 KB 374ms
89ms XHR
application/json 44.239.225.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=6A3DF65A5832D31C0A495C35%40AdobeOrg&d_nsid=0&d_mid=41067199102084710391204147742754996223&ts=1670509058795

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.225.159 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-225-159.us-west-2.compute.amazonaws.com

Software

Resource Hash

74a6fb2701f108e6bb901854266d5b405ac55610862422b33253022543bcb19f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-2-v041-06523b05c.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: c/z+IRO0Sb4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://oauth.airmiles.ca
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 493
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 delivery Show response
starget.airmiles.ca/rest/v1/ 353 B
719 B 143ms
38ms XHR
application/json 54.162.44.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://starget.airmiles.ca/rest/v1/delivery?client=loyaltyone&sessionId=888cd278bcf74bf083183b4158140183&version=2.8.1
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.162.44.193 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-44-193.compute-1.amazonaws.com
Software: /
Resource Hash: 1da3657d323f846e90216e9e0afea2f9d41a9e57d821a143bbc0b00c23e8b4f0

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Dec 2022 14:17:38 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://oauth.airmiles.ca
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 75945b07451ffc6e64e0dbd6bdcdba35

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ 399 KB
160 KB 71ms
19ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: https://oauth.airmiles.ca
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162976
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 00:12:40 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 63ms
21ms Script
text/javascript 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 13:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2708
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 08 Dec 2022 14:32:30 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
339 B 225ms
36ms Ping
text/plain 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-CWLBQJLYC4&gtm=2oebu0&_p=1715538396&_gaz=1&cid=831025667.1670509059&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670509058&sct=1&seg=0&dl=https%3A%2F%2Foauth.airmiles.ca%2Flogin%3Fstate%3DhKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1GZWcwdXBfTmNSRlB2UnFRcmx4WjKjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA%26client%3Dh0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t%26protocol%3Doauth2%26scope%3Dmemberbanner%26response_type%3Dcode%26audience%3Dairmiles-web-collector%26redirect_uri%3Dhttps%253A%252F%252Fservices.api.airmiles.ca%252Fservices%252Fairmiles%252Fsling%252Fno-cache%252Fauthenticate%26connection%3Dmember-pin-idp-recaptcha%26utm_campaign%3D63357_auth0_admin_20221207_20221213%26utm_source%3Dairmiles%26utm_medium%3Demail%26utm_content%3Dawareness_ek_convert&dt=AIRMILES%20%7C%20Sign%20in&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CWLBQJLYC4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:809::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 14:17:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://oauth.airmiles.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 87ms
34ms Ping
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CWLBQJLYC4&cid=831025667.1670509059&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CWLBQJLYC4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 14:17:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://oauth.airmiles.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 95ms
48ms Image
image/gif 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CWLBQJLYC4&cid=831025667.1670509059&gtm=2oebu0&aip=1&z=1801875996

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 14:17:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 44ms
33ms XHR
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-76333024-1&cid=831025667.1670509059&jid=844653965&gjid=875582682&_gid=967685032.1670509059&_u=aGBAiEAjBAAAAEAAI~&z=938689123

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 08 Dec 2022 14:17:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://oauth.airmiles.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Image
image/gif 2607:f8b0:4006:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1715538396&t=pageview&_s=1&dl=https%3A%2F%2Foauth.airmiles.ca%2Flogin%3Fstate%3DhKFo2SBpLTNLZU8xSjJfR0NqR09zUGRfbWU5WjdseGFCQUlFa6FupWxvZ2luo3RpZNkgaTZxMmZvdTE5eC1GZWcwdXBfTmNSRlB2UnFRcmx4WjKjY2lk2SBoMElzQkZ2aWNDelAwdHp0WmpmRGxVZVF2M3VLaFE4dA%26client%3Dh0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t%26protocol%3Doauth2%26scope%3Dmemberbanner%26response_type%3Dcode%26audience%3Dairmiles-web-collector%26redirect_uri%3Dhttps%253A%252F%252Fservices.api.airmiles.ca%252Fservices%252Fairmiles%252Fsling%252Fno-cache%252Fauthenticate%26connection%3Dmember-pin-idp-recaptcha%26utm_campaign%3D63357_auth0_admin_20221207_20221213%26utm_source%3Dairmiles%26utm_medium%3Demail%26utm_content%3Dawareness_ek_convert&dp=%2Flogin&ul=en-us&de=UTF-8&dt=AIRMILES%20%7C%20Sign%20in&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiEAjBAAAAAAAI~&jid=844653965&gjid=875582682&cid=831025667.1670509059&tid=UA-76333024-1&_gid=967685032.1670509059&gtm=2wgbu0589MTWS&cd5=prod&cd9=1670509058754&cd11=1670509058754.ggvccheh&z=2095055143

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 06:43:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27255
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 85ms
39ms Image
image/gif 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-76333024-1&cid=831025667.1670509059&jid=844653965&_u=aGBAiEAjBAAAAEAAI~&z=1309463963

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 14:17:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 82ms
40ms Image
image/gif 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-76333024-1&cid=831025667.1670509059&jid=844653965&_u=aGBAiEAjBAAAAEAAI~&z=1309463963

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Dec 2022 14:17:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0863 43 KB
22 KB 86ms
67ms Document
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u&co=aHR0cHM6Ly9vYXV0aC5haXJtaWxlcy5jYTo0NDM.&hl=en&type=image&v=Km9gKuG06He-isPsP6saG8cn&theme=light&size=invisible&badge=bottomright&cb=fpoipr9q7sm4

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/prod-amrpext-auth0-login/auth0p.1.0.140.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

18de5bb3762d027a2b735c8140a5d9f88408bba37bf7e12fcf108e958eeaed7b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Jv4AoIxnv_XJRqDVZoa7dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22805
content-security-policy: script-src 'report-sample' 'nonce-Jv4AoIxnv_XJRqDVZoa7dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 14:17:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 0863 52 KB
24 KB 62ms
20ms Stylesheet
text/css 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u&co=aHR0cHM6Ly9vYXV0aC5haXJtaWxlcy5jYTo0NDM.&hl=en&type=image&v=Km9gKuG06He-isPsP6saG8cn&theme=light&size=invisible&badge=bottomright&cb=fpoipr9q7sm4

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:28:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 20:28:37 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 0863 399 KB
159 KB 73ms
32ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162976
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 00:12:40 GMT

GET
H/1.1 200
OK dest5.html Show response
loyaltyone.demdex.net/ Frame 9551 7 KB
3 KB 336ms
82ms Document
text/html 54.186.254.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://loyaltyone.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.254.183 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-254-183.us-west-2.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-usw2-2-v041-07786c86f.edge-usw2.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: CzIe7v54QYE=
content-encoding: gzip
date: Thu, 8 Dec 2022 14:17:39 GMT
last-modified: Fri, 28 Oct 2022 13:33:45 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y5HyAwAAAKckCgNP
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=40576214515534447081155053682146480996
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5HyAwAAAKckCgNP

42 B
942 B

84ms
83ms

Image
image/gif

44.239.225.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5HyAwAAAKckCgNP

Requested by

Protocol

HTTP/1.1

Server

44.239.225.159 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-225-159.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v041-067601ecc.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7Lko5w1uRxI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5HyAwAAAKckCgNP
Date: Thu, 08 Dec 2022 14:17:39 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0863 2 KB
2 KB 22ms
22ms Image
image/png 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 05:38:29 GMT
x-content-type-options: nosniff
age: 117550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 14 Dec 2022 05:38:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0863 15 KB
15 KB 27ms
26ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 03:07:28 GMT
x-content-type-options: nosniff
age: 126611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 03:07:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0863 15 KB
16 KB 25ms
25ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 15:00:33 GMT
x-content-type-options: nosniff
age: 515826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 15:00:33 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0863 102 B
133 B 38ms
38ms Other
text/javascript 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Km9gKuG06He-isPsP6saG8cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e37cf126aa8566a656738098b081924337b521eaa6e63938c06a9e068829ffa3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u&co=aHR0cHM6Ly9vYXV0aC5haXJtaWxlcy5jYTo0NDM.&hl=en&type=image&v=Km9gKuG06He-isPsP6saG8cn&theme=light&size=invisible&badge=bottomright&cb=fpoipr9q7sm4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 14:17:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Thu, 08 Dec 2022 14:17:39 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame D8CC 7 KB
1 KB 41ms
41ms Document
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=Km9gKuG06He-isPsP6saG8cn&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a2bee9a82768389e687512e66efe8a9ad360647ae37e604e4cbdacda50ed87ff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CUfUtSDxwcKhLNyxNYW4PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1117
content-security-policy: script-src 'report-sample' 'nonce-CUfUtSDxwcKhLNyxNYW4PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 14:17:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame D8CC 52 KB
24 KB 24ms
19ms Stylesheet
text/css 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Km9gKuG06He-isPsP6saG8cn&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:28:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 20:28:37 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame D8CC 399 KB
159 KB 23ms
21ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Km9gKuG06He-isPsP6saG8cn&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 00:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162976
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 00:12:40 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEEpb6gzbWDcFWCtyg5GL3qY&google_cver=1
dpm.demdex.net/ Frame 9551
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDA1NzYyMTQ1MTU1MzQ0NDcwODExNTUwNTM2ODIxNDY0ODA5OTY=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDA1NzYyMTQ1MTU1MzQ0NDcwODExNTUwNTM2ODIxNDY0ODA5OTY=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEpb6gzbWDcFWCtyg5GL3qY&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

84ms
84ms

Image
image/gif

44.239.225.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEpb6gzbWDcFWCtyg5GL3qY&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

44.239.225.159 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-225-159.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://loyaltyone.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v041-03e40795d.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: h8iJjDYmTUs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 08 Dec 2022 14:17:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEpb6gzbWDcFWCtyg5GL3qY&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RC2c0c2659f44a415294e0fcbaa6ee0460-source.min.js Show response
assets.adobedtm.com/cf65343579a7/3196a1cd60be/0cac6ed87f90/ 2 KB
1 KB 38ms
37ms Script
application/x-javascript 2600:1402:9800:48a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/0cac6ed87f90/RC2c0c2659f44a415294e0fcbaa6ee0460-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1402:9800:48a::1e80 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 817ba80ef004a237ac3e262e0dc1f08d38d5d9ceec4e42d3626b757025dc3048

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 14:17:39 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 14:41:06 GMT
server: AkamaiNetStorage
etag: "51a9fb67f17c7e0f8a28ff2fa9da7b02:1669646466.263451"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1134
expires: Thu, 08 Dec 2022 15:17:39 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame D8CC 38 KB
23 KB 70ms
69ms XHR
application/json 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

16ca5b54280d9e670e3e3cd4ee88f27f9c737fb8decf2ea6981663a5b21783ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Km9gKuG06He-isPsP6saG8cn&k=6LdhQd4ZAAAAALjx6VSEzBl47vrl4Y0nbrcIRN6u
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 08 Dec 2022 14:17:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23500
x-xss-protection: 1; mode=block
expires: Thu, 08 Dec 2022 14:17:39 GMT

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 9551
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=40576214515534447081155053682146480996&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-lOTr.KRE2pH7COvtM4oFIqJ2WFECdrS0peE-~A

42 B
942 B

168ms
83ms

Image
image/gif

44.239.225.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-lOTr.KRE2pH7COvtM4oFIqJ2WFECdrS0peE-~A

Protocol

HTTP/1.1

Server

44.239.225.159 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-225-159.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://loyaltyone.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v041-0fbbb389d.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: K73jyo30S+g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Thu, 08 Dec 2022 14:17:39 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0106.pbp.bf1.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-lOTr.KRE2pH7COvtM4oFIqJ2WFECdrS0peE-~A
content-length: 0

POST
H/1.1 200
OK event Show response
loyaltyone.demdex.net/ 636 B
1 KB 84ms
84ms XHR
application/json 54.186.254.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://loyaltyone.demdex.net/event?d_dil_ver=9.5&_ts=1670509060147

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/cf65343579a7/3196a1cd60be/launch-29c1aee2883d.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.186.254.183 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-186-254-183.us-west-2.compute.amazonaws.com

Software

Resource Hash

1d930468a286e1788fc5a1393968e6e961a6b49dab2fda17baf27d2c92316863

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-1-v041-058193107.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 4cg4MyRxSfY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://oauth.airmiles.ca
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 411
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
oauth.airmiles.ca/usernamepassword/login	1970-01-20 08:16:13	Name: _csrf Value: hu4P_I_ARka1-l0RVqo7xHXQ
www.google.com/recaptcha	1970-01-20 12:21:01	Name: _GRECAPTCHA Value: 09ACJCI2nqj7yavPUEIfqUoHoK-3tEqS493kpXMqm2iPr4bVnO31Nl7kLRfQQC1LvzMOdlTCukDBwNEWVo5kwNio8
.airmiles.ca/	1969-12-31 23:59:59	Name: nlid Value: a6f2c463\|7e229fa
.airmiles.ca/	1970-01-20 17:37:49	Name: nllastdelid Value: 7e229fa
.airmiles.ca/	1969-12-31 23:59:59	Name: province Value: QC
.airmiles.ca/	1969-12-31 23:59:59	Name: returnTo Value: https_//www.airmiles.ca/en/profile/convert.html?utm_campaign=63357_auth0_admin_20221207_20221213&utm_source=airmiles&utm_medium=email&utm_content=awareness_ek_convert
.airmiles.ca/	1970-01-20 08:01:52	Name: AKA_A2 Value: A
oauth.airmiles.ca/	1970-01-20 16:47:46	Name: did Value: s%3Av0%3A11776d00-7703-11ed-990b-9fd2439d8552.GDVSwF8%2F8KjJIwS3Wc1z6qMw69sdZTGeOYDrymrDerA
oauth.airmiles.ca/	1970-01-20 08:06:08	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQFDa4U67n1CgN8-w2kEr2rbngRQxtMWBAv-ruieCuElestFB26aKb-J1-t9DrqeZaB23bZo5IrnO4Gwc4M1PQ2-mY29va2llg6dleHBpcmVz1_8ESqIAY5Xmgq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.xtbzaLAM2eB%2BN%2FEkO10jajTDK3WIzVcWwon7uoqUJ9E
oauth.airmiles.ca/	1970-01-20 16:47:46	Name: did_compat Value: s%3Av0%3A11776d00-7703-11ed-990b-9fd2439d8552.GDVSwF8%2F8KjJIwS3Wc1z6qMw69sdZTGeOYDrymrDerA
oauth.airmiles.ca/	1970-01-20 08:06:08	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQFDa4U67n1CgN8-w2kEr2rbngRQxtMWBAv-ruieCuElestFB26aKb-J1-t9DrqeZaB23bZo5IrnO4Gwc4M1PQ2-mY29va2llg6dleHBpcmVz1_8ESqIAY5Xmgq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.xtbzaLAM2eB%2BN%2FEkO10jajTDK3WIzVcWwon7uoqUJ9E
.airmiles.ca/	1969-12-31 23:59:59	Name: at_check Value: true
.airmiles.ca/	1970-01-20 08:03:15	Name: _gid Value: GA1.2.967685032.1670509059
.airmiles.ca/	1970-01-20 17:37:49	Name: _ga_CWLBQJLYC4 Value: GS1.1.1670509058.1.0.1670509058.60.0.0
.airmiles.ca/	1970-01-20 17:37:49	Name: _ga Value: GA1.1.831025667.1670509059
.airmiles.ca/	1970-01-20 08:01:49	Name: _dc_gtm_UA-76333024-1 Value: 1
.airmiles.ca/	1970-01-20 17:37:49	Name: mbox Value: session#888cd278bcf74bf083183b4158140183#1670510920\|PC#888cd278bcf74bf083183b4158140183.34_0#1733753860
.demdex.net/	1970-01-20 12:21:01	Name: demdex Value: 40576214515534447081155053682146480996
.airmiles.ca/	1969-12-31 23:59:59	Name: AMCVS_6A3DF65A5832D31C0A495C35%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 16:47:25	Name: everest_g_v2 Value: g_surferid~Y5HyAwAAAKckCgNP
.dpm.demdex.net/	1970-01-20 12:21:01	Name: dpm Value: 40576214515534447081155053682146480996
.airmiles.ca/	1970-01-20 17:37:49	Name: AMCV_6A3DF65A5832D31C0A495C35%40AdobeOrg Value: -2121179033%7CMCMID%7C41067199102084710391204147742754996223%7CMCIDTS%7C19335%7CMCAAMLH-1671113859%7C9%7CMCAAMB-1671113859%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCOPTOUT-1670516259s%7CNONE%7CMCSYNCSOP%7C411-19342%7CvVersion%7C5.3.0
.demdex.net/	1970-01-20 12:21:01	Name: dextp Value: 771-1-1670509059579\|30646-1-1670509059680
.doubleclick.net/	1970-01-20 17:37:49	Name: IDE Value: AHWqTUkUcE5prHodQBB-2g1YwhLsqpoBiUZI8nE8vZG_gEbo-M4Pt0kWrzvIuaBeOxA
.yahoo.com/	1970-01-20 16:47:46	Name: A3 Value: d=AQABBAPykWMCEC_7fd15T086nqRZHQkPlUgFEgEBAQFDk2ObYwAAAAAA_eMAAA&S=AQAAAqQodhizPYWd27de83JvFyo
.oauth.airmiles.ca/	1970-01-20 08:45:01	Name: aam_tnt Value: seg%3D15722027%2Cseg%3D15559059%2Cseg%3D15722027%2Cseg%3D15779431

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airmiles-fonts.s3.amazonaws.com
airmiles.ca
analytics.google.com
assets.adobedtm.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
dpm.demdex.net
fonts.gstatic.com
loyaltyone.demdex.net
oauth.airmiles.ca
polyfill.io
s3.amazonaws.com
starget.airmiles.ca
stats.g.doubleclick.net
t.prod1.programnews.airmiles.ca
www.airmiles.ca
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
142.251.40.226
159.175.66.11
2600:1402:9800:48a::1e80
2606:4700:4400::6812:2675
2607:f8b0:4004:c09::9d
2607:f8b0:4006:809::2003
2607:f8b0:4006:809::200e
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80e::2004
2607:f8b0:4006:817::2003
2607:f8b0:4006:81f::2008
2a04:4e42:c00::282
3.220.196.113
35.183.60.36
44.239.225.159
52.217.85.214
54.162.44.193
54.186.254.183
54.231.136.217
76.13.32.147
96.16.195.224
02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0
16ca5b54280d9e670e3e3cd4ee88f27f9c737fb8decf2ea6981663a5b21783ab
18de5bb3762d027a2b735c8140a5d9f88408bba37bf7e12fcf108e958eeaed7b
1a0e46b8cdee9e8af9b0cd555d33c82b3b920509ecf48a0c49b8b45074e266a3
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d930468a286e1788fc5a1393968e6e961a6b49dab2fda17baf27d2c92316863
1da3657d323f846e90216e9e0afea2f9d41a9e57d821a143bbc0b00c23e8b4f0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42eec8ae8364f4aff658882bc68f24cfd9d7844c335486cb6e8f99d0e841c2e9
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
57709066bf6d023273173027dbddfdf2616578f524c9360f3fbb6e87740fab47
582cfd61576090c2d8d1946b5a2ed369bd2a4aad1ecf8412d0ce8ae99eb87f65
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b5a7b9614bd1499c89bf55bb6d2f13b22bb71522b357995a4df9459f8092038
74a6fb2701f108e6bb901854266d5b405ac55610862422b33253022543bcb19f
78952943632e3c1c3b3313ba757aa35b716e9fca299604f1a8db3b8a83319ca6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
817ba80ef004a237ac3e262e0dc1f08d38d5d9ceec4e42d3626b757025dc3048
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9b0f297e5bd1358af71c54f54f76e4b87767b91ec2d94d01265c45ebbb68242a
a2bee9a82768389e687512e66efe8a9ad360647ae37e604e4cbdacda50ed87ff
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b653d07011d41db1bab22cada6f9b4eb8f2092f759104584239d67ef6987b80a
bbc31236efcb01ab9ce0c1f3be3ed041cdc2b87b07df8bb0b2401cd053b2b7c3
bd3e0886413ad534cc1d803be54d6911870005163bc22377dbbe49a0811676a8
d660b71230c11560d6cc62c46f2a8568b6a2e5d6e605fb9fbd2a36854bc24048
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d9f6890fef0f7c4983c43608224a3afee265e2af6530ffc772667288520ef87c
e37cf126aa8566a656738098b081924337b521eaa6e63938c06a9e068829ffa3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

oauth.airmiles.ca Open in urlscan Pro 2606:4700:4400::6812:2675 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

88 %HTTPS

48 %IPv6

13 Domains

22 Subdomains

16 IPs

2 Countries

2591 kBTransfer

3883 kBSize

26 Cookies

8 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

oauth.airmiles.ca Open in urlscan Pro
2606:4700:4400::6812:2675 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

88 %
HTTPS

48 %
IPv6

13
Domains

22
Subdomains

16
IPs

2
Countries

2591 kB
Transfer

3883 kB
Size

26
Cookies

43 HTTP transactions
0 data transactions